* * @author Organisation: Queen's University * @author Unit: School of Medicine * @author Developer: Ryan Warner <*****@*****.**> * @copyright Copyright 2012 Queen's University. All Rights Reserved. * */ if (!defined("PARENT_INCLUDED")) { exit; } $unique_id = isset($_GET["unique_id"]) ? clean_input($_GET["unique_id"], "alphanumeric") : NULL; echo "<h1>Observership Confirmation</h1>"; if ($unique_id) { require_once ENTRADA_CORE . "/library/Models/mspr/Observership.class.php"; $step = isset($_POST["step"]) ? (int) $_POST["step"] : '1'; $observership = Observership::getByUniqueID($unique_id); if ($observership && $observership->getStatus() == "approved") { switch ($step) { case 2: if ($_POST["action"] == "Confirm" || $_POST["action"] == "Deny") { $PROCESSED["status"] = $_POST["action"] == "Confirm" ? "confirmed" : "denied"; } if ($PROCESSED["status"]) { $query = "UPDATE `student_observerships` SET `status` = " . $db->qstr($PROCESSED["status"]) . " WHERE `id` = " . $db->qstr($observership->getID()); if ($db->Execute($query)) { add_success("Thank you for updating this observership."); } else { application_log("error", "Error occurred when attempting to update `student_observershisp` [" . $observership->getID() . "], DB said: " . $db->ErrorMsg()); add_error("An error ocurred, we were unable to update the observership. A system administrator has been informed, please try again later."); } } else {